-
Notifications
You must be signed in to change notification settings - Fork 3
57 lines (48 loc) · 1.74 KB
/
validate.yml
File metadata and controls
57 lines (48 loc) · 1.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Validate Action
on:
pull_request:
push:
branches:
- main
permissions:
contents: read
jobs:
validate:
name: Validate Action
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v6
with:
node-version: 24
- name: Validate action metadata
run: |
node <<'NODE'
const fs = require('node:fs');
const actionYaml = fs.readFileSync('action.yml', 'utf8');
const requiredPatterns = [
{ pattern: /^name:\s*['"]Promptfoo Code Scan['"]$/m, message: 'Missing expected action name' },
{ pattern: /^description:\s*['"]Scan pull requests for LLM security vulnerabilities['"]$/m, message: 'Missing expected action description' },
{ pattern: /^runs:\s*$/m, message: 'Missing runs section' },
{ pattern: /^\s+using:\s*['"]node20['"]$/m, message: 'Missing expected runtime' },
{ pattern: /^\s+main:\s*['"]dist\/index\.js['"]$/m, message: 'Missing expected action entrypoint' },
];
for (const { pattern, message } of requiredPatterns) {
if (!pattern.test(actionYaml)) {
throw new Error(message);
}
}
NODE
- name: Ensure bundled files exist
run: |
test -f dist/index.js
test -f dist/sourcemap-register.js
test -f dist/licenses.txt
test -f cli-bundle/index.js
test -f cli-bundle/sourcemap-register.js
- name: Syntax check bundled JavaScript
run: |
node --check dist/index.js
node --check dist/sourcemap-register.js
node --check cli-bundle/index.js
node --check cli-bundle/sourcemap-register.js